[LINK] security issue on routers (and other devices?)
Karl Auer
kauer at biplane.com.au
Wed Jan 30 08:26:23 AEDT 2013
On Tue, 2013-01-29 at 10:30 -0800, Rick Welykochy wrote:
> In a nutshell, it involves a device on your home network automatically
> assigning its own IP address without using DHCP.
>From a security perspective, though, UPnP has a few nasties (mere
address assignment is not in itself a nasty). Of those, two are
especially nasty in combination: Nothing UPnP does is authenticated, and
it can drill holes through network boundaries. In particular, it can
open holes in firewalls and set up port forwarding through NAT boxes.
Only when the equipment concerned is UPnP capable, of course, and only
when UPnP is enabled, but all too often it is both present and enabled
by default.
Regards, K.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au)
http://www.biplane.com.au/kauer
http://www.biplane.com.au/blog
GPG fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A
Old fingerprint: AE1D 4868 6420 AD9A A698 5251 1699 7B78 4EEE 6017
More information about the Link
mailing list